I asked today and was told WFA has "two years" left then everything will be REST API and Ansible
On September 24, 2020, Scott Miller scott.miller@dreamworks.com wrote:
On Thu, Sep 24, 2020 at 3:38 PM Philbert Rupkins <philbertrupkins@gmail.com mailto:philbertrupkins@gmail.com> wrote:
hmmmm....I will get confirmation. I hope my information is incorrect as WFA sounds like it will address our particular need.
FYI, take a look at ansible instead of WFA, as I suspect WFA has a limited future.
-skottie
On Wed, Sep 23, 2020 at 7:40 PM Scott Eno <cse@hey.com mailto:cse@hey.com> wrote:
“I explored WFA a while back but was told NetApp is moving away from that product in favor of Ansible and open automation via the ONTAP REST API.”
Wut? This would be ... bad.
On September 23, 2020, Philbert Rupkins
<philbertrupkins@gmail.com mailto:philbertrupkins@gmail.com> wrote:
Hi André,
Thanks for the note. I explored WFA a while back but was told
NetApp
is moving away from that product in favor of Ansible and open automation via the ONTAP REST API. As such, I chose to spend my
time
looking into the available Ansible modules and REST API
functionality
in 9.7.
Do you know if NetApp plans to continue to develop/support WFA long-term? Perhaps my source was mistaken.
Cheers, Phil
On Wed, Sep 23, 2020 at 10:40 AM André M. Clark
<andre.m.clark@gmail.com mailto:andre.m.clark@gmail.com> wrote:
Phil,
So that level of control/access is at the Cluster level and not
at the SVM level. If you want to do something like this with delegated access, WFA is definitely one way. Other alternatives is to use automation via Ansible in conjunction with Ansible Tower. There you can use predefined playbooks to perform the operations that you want, using naming standard that you want. And, use Ansible Tower to control who has the rights to execute the playbooks at certain levels.
Regards, André M. Clark
On September 23, 2020 at 09:51:14, Rupkins Philbert
(philbertrupkins@gmail.com mailto:philbertrupkins@gmail.com) wrote:
Hello,
Thanks for the responses. I should have included more details,
apologies.
Environment:
- ONTAP 9.3 P19 (9.7 by EoY)
- Windows Server 2008/2012/2016
- vSphere 6.0 (6.7 by EoY)
- RHEL7/8 based Linux hosts
The following summarizes the SVM scoped privs we'd like them to
have
via System Manager:
- Provision RW Flexvols
- Create Junction Paths
- Provision DR Flexvols
- Provision CIFS Shares
- Configure CIFS share permissions
- Provision NFS exports
- Configure export policies
- Manage local SVM user accounts (multiprotocol access / user
mappings)
- Create and manage Snapmirror relationships
- Create and manage snapshot policies
We'd like to stay away from delegating cluster level privs so
no need
for them to create SVM's , LIF's, etc - the platform team will continue to do that.
We do use VSC today. But that doesnt address general use CIFS
shares
and NFS exports.
My understanding is WFA is being retired. Is this not true?
Cheers, Phil
On Wed, Sep 23, 2020 at 8:23 AM tmac <tmacmd@gmail.com
mailto:tmacmd@gmail.com> wrote:
Might want to take a look at installing OnCommand Worfklow
Automation.
I suspect this may allow you to do what you need. Some
YouTube videos:
Technical Introduction OnCommand Workflow Automation Introduction
Product page:
https://mysupport.netapp.com/site/products/all/details/ocwfa/downloads- tab
--tmac
Tim McCarthy, Principal Consultant
Proud Member of the #NetAppATeam
I Blog at TMACsRack
On Wed, Sep 23, 2020 at 2:04 AM Alexander Griesser
<AGriesser@anexia-it.com mailto:AGriesser@anexia-it.com> wrote:
Hey,
what exactly are the requirements? What do you need them to
do, when you say "provision storage"?
Should they just be able to create new shares on already
existing volumes or do they need to create new volumes, new LIFs, local user accounts, etc.?
Best,
Alexander Griesser System-Administrator
ANEXIA Internetdienstleistungs GmbH
Telefon: +43-463-208501-320 Telefax: +43-463-208501-500
E-Mail: ag@anexia.at mailto:ag@anexia.at Web: http://www.anexia.at
Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020
Klagenfurt
Geschäftsführer: Alexander Windbichler Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-
Nummer: AT U63216601
-----Ursprüngliche Nachricht----- Von: Toasters <toasters-bounces@teaparty.net
mailto:toasters-bounces@teaparty.net> Im Auftrag von Philbert Rupkins
Gesendet: Mittwoch, 23. September 2020 00:25 An: Toasters <toasters@teaparty.net
Betreff: SVM Admin Access
Toasters,
I work with a team of Windows Server admins who are open to provisioning their own storage but strongly prefer a GUI.
I'd like
to provide this ability by granting System Manager access to
the specific SVM's that host their resources.
Much to my chagrin, it doesn't appear RBAC allows for System
Manager
access to particular SVMs. Instead, privileges must be
granted at
the cluster level which of course means those privs are
effective for all data SVMs (this is a non-starter).
Per NetApp docs, my only option appears to be SVM level RBAC
privs via SSH. Not quite the GUI option they are looking for but, organizationally, we're making a push for more automation and use of Ansible so it's not completely out of the question.
Is there an angle Im not considering that would allow for
SVM level
access via System Manager? Has anybody else come up with
creative
ways to address this problem?
I'd love to hear from you.
Thanks, Phil _______________________________________________ Toasters mailing list Toasters@teaparty.net mailto:Toasters@teaparty.net https://www.teaparty.net/mailman/listinfo/toasters
Toasters mailing list Toasters@teaparty.net mailto:Toasters@teaparty.net https://www.teaparty.net/mailman/listinfo/toasters
Toasters mailing list Toasters@teaparty.net mailto:Toasters@teaparty.net https://www.teaparty.net/mailman/listinfo/toasters
Toasters mailing list Toasters@teaparty.net mailto:Toasters@teaparty.net https://www.teaparty.net/mailman/listinfo/toasters
Toasters mailing list Toasters@teaparty.net mailto:Toasters@teaparty.net https://www.teaparty.net/mailman/listinfo/toasters